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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (Previously Presented) A method for provision of access for a data 
requesting entity to data related to a principal, comprising the following steps: 

creating an access granting ticket comprising 

(a) an access specification specifying a permission for an access to data related 
to the principal, said data being available at a data providing entity, 

(b) a principal identifier representing the principal towards the data providing 
entity, 

- encrypting the access granting ticket with an encryption key of the data 
providing entity, 

- communicating to the data requesting entity the encrypted access granting 
ticket accompanied by an identifier of the data providing entity, 
-communicating from the data requesting entity to the data providing entity a 
request comprising the encrypted access granting ticket, 

- decrypting the encrypted access granting ticket with a decryption key of the 
data providing entity corresponding to the encryption key, 

- providing to the data requesting entity access to data related to the principal 
identifier according to the access specification. 

2. (Original) The method according to claim 1, wherein the encrypted 
access granting ticket comprises or is accompanied by verification information and 
access is provided based on an analysis of the verification information. 

3. (Previously Presented) The method according to claim 1 , wherein the 
request to the data providing entity comprises a specification for requested data related 
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to the principal and access is provided according to a matching of the access 
specification and the requested data. 

4. (Previously Presented) The method according to claim 1, wherein the 
access granting ticket is created based on a data storage correlating at least two items 
of a group comprising the identifier of the data providing entity, the data related to the 
principal available at the data providing entity, the principal identifier, the encryption key, 
and the access specification. 

5. (Previously Presented) The method according to claim 1 , wherein an 
indication for the access specification is entered into a principal entity to create the 
access granting ticket. 

6. (Previously Presented) The method according to claim 1, wherein the 
access granting ticket further comprises security information and access is provided 
based on an analysis of the security information. 

7. (Previously Presented) The method according to claim 1 , wherein the 
encrypted access granting ticket is accompanied by public information. 

8. (Previously Presented) The method according to claim 1, wherein the 
request to the data providing entity is communicated based on an analysis of the public 
information. 

9. (Previously Presented) The method according to claim 1 , wherein the 
decryption is based on an analysis of the public information. 

10. (Previously Presented) The method according to claim 1, wherein the 
data to which access is provided to is transferred to the data requesting entity. 
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1 1 . (Currently Amended) The method according to claim 1 , wherein at 
least one further encrypted-access granting ticket for further data related to the principal 
available at least one further data providing entity is e roatod created and communicated 
to the data requesting entity for provision of access to the further principal related data 
available at the at least one further data providing entity, the at least one further 
encrypted access granting ticket being accompanied by at least one further identifier of 
the at least one further data providing entity (IPE2) . 

12. (Currently amended) A principal entity for provision of access for a 
data requesting entity to data related to a principal, comprising a transmission unit for 
sending of messages and information and a processing unit for processing of messages 
and information, wherein the processing un i t i s adapt e d to cr e at e creates an access 
granting ticket comprising an access specification specifying a permission for an access 
to data related to the principal, said data being available at a data providing entity, and a 
principal identifier representing the principal towards the data providing entity, to encrypt 
the access granting ticket with an encryption key of the data providing entity, and to 
obtain an identifier of the data providing entity, and the transmission unit i s adapt e d to 
sen4 sends the encrypted access granting ticket accompanied by the identifier of the 
data providing entity to the data requesting entity. 

13. (Previously Presented) The principal entity according to claim 12, 
wherein the processing unit is adapted to include verification information into the access 
granting ticket and/or to attach verification information to the encrypted access granting 
ticket and the transmission unit is adapted to send the encrypted access granting ticket 
accompanied by the attached verification information to the data requesting entity. 

14. (Previously Presented) The principal entity according to claim 12, 
wherein the processing unit is adapted to access a data storage correlating at least two 
items of a group comprising of the identifier of the data providing entity, the data related 
to the principal available at the data providing entity, the principal identifier, the 
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encryption key, and the access specification, and to create the access granting ticket 
based on the data storage. 

15. (Previously Presented) The principal entity according to claim 12, 
wherein the processing unit is adapted to create the access granting ticket based on an 
indication for the access specification entered into an input unit of the principal entity. 

16. (Previously Presented) The principal entity according to claim 12, 
wherein the processing unit is adapted to include security information into the access 
granting ticket. 

17. (Previously Presented) The principal entity according to claim 12, 
wherein the processing unit is adapted to obtain public information and the transmission 
unit is adapted to send the encrypted access granting ticket accompanied by the public 
information to the data requesting entity. 

18. (Currently Amended) The principal entity according to claim 12, 
wherein the processing unit is adapted to create at least one further encrypted access 
granting ticket for further data related to the principal available at least one further data 
providing entity and the transmission unit is adapted to send the further encrypted 
access granting ticket to the data requesting entity accompanied by at least one further 
identifier of the at least one further data providing entity for provision of access to the 
further principal rotated related data accessible at the at feast least one further data 
providing entity. 

19. (Currently amended) A data requesting entity comprising a receiving 
unit for receiving messages and information; a transmission unit for sending of 
messages and information, and a processing unit for processing of messages and 
information, the receiving unit is adapt e d to r e c e iv e receives a first encrypted access 
granting ticket for provision of access to first data related to a principal, said first data 
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being available at a first data providing entity, the first encrypted access granting ticket 
being accompanied by an identifier of the first data providing entity and to receive a 
further encrypted access granting ticket for provision of access to further data related to 
the principal, said further data being available at a further data providing entity, the 
further encrypted access granting ticket being accompanied by a further identifier of the 
further data providing entity, the processing unit i s adapted to gonorato generates a first 
request comprising the first encrypted access granting ticket and a further request 
comprising the further encrypted access granting ticket and the transmission unit is 
adapt e d to s e nd sends the first request to the first data providing entity and the further 
request to the further data providing entity, and the receiving unit i s adapt e d to r e oe i vo 
receives a first indication for access provision to the first data from the first data 
providing entity and a further indication for access provision to the further data from the 
further data providing entity. 

20. (Previously Presented) The data requesting entity according to claim 
19, wherein at least one of the first encrypted access granting ticket and the further 
encrypted access granting ticket is accompanied by public information and the 
processing unit is adapted to analyze the public information before the generation of at 
least one of the first request and the further request. 

21. (Previously Presented) The data request according to claim 19, 
wherein the first indication-comprises the first data related to the-principal-and the 
further indication comprises the further data related to the principal. 

22. (Currently amended) A data providing entity for provision of access 
to data related to a principal, the data providing entity comprising a receiving unit for 
receiving messages and information, a transmission unit for sending of messages and 
information, and a processing unit for processing of messages and information, wherein 
the receiving unit i s adapt e d to r e c ei v e receives a request from a data requesting entity, 
the request comprising an access granting ticket encrypted with an encryption key of 
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the data providing entity, the access granting ticket comprising an access specification 
specifying a permission for an access to data related to the principal, said data being 
available at the data providing entity, and a principal identifier representing the principal 
towards the data providing entity; the processing unit is adapted to d e crypt decrypts the 
encrypted access granting ticket with a decryption key of the data providing entity 
corresponding to the encryption key and to prov i d e provides to the data requesting 
entity access to data related to the principal identifier according to the access 
specification. 

23. (Currently amended) The data providing entity according to claim 22, 
wherein the encrypted access granting ticket comprises or is accompanied by 
verification information and the processing unit i s adapt e d to prov i d e provides access 
based on an analysis of the verification information. 

24. (Currently amended) The data providing entity according to claim 22, 
wherein the request comprises a specification for requested data related to the principal 
and the processing unit i s adapt e d to provid e provides access according to a matching 
of the access specification and the requested data. 

25. (Currently amended) The data providing entity according to claim 22, 
wherein the access granting ticket further comprises security information and the 
processing unit i s adapt e d to provid e provides access based on an analysis of the 
security information. 

26. (Currently amended) The data providing entity according to claim 22, 
wherein the encrypted access granting ticket is accompanied by public information and 
the processing unit i s adapt e d to i n i t i at e initiates the decryption based on an analysis of 
the public information. 



Page 7 of 13 



Appl. No. 10/551,855 

Reply to Office Action of January 9, 2009 
Attorney Docket No. P16731 US1 
EUS/GJ/P/09-7521 

27. (Currently amended) The data providing entity according to claim 22, 
wherein the transmission unit i s adapted to oond sends the data, to which access is 
provided to, to the data requesting entity. 

28. (Currently amended) A computer readable medium program 
l oadab le i nto th e proc e ssing un i t of a pr i nc i pal e nt i ty, wh o r oi n th e comput e r program 
compris e s cod e adapt e d to having stored thereon a plurality of instructions, the plurality 
of instructions including instructions which, when executed bv a processor, cause the 
processor to perform the steps of a method, comprising: 

create an access granting ticket comprising an access specification specifying a 
permission for an access to data related to the principal, said data being available at a 
data providing entity, and a principal identifier representing a principal towards the data 
providing entity, to encrypt the access granting ticket with an encryption key of the data 
providing entity, to obtain an identifier of a data providing entity, and to initiate a sending 
of the encrypted access granting ticket accompanied by the identifier of the data 
providing entity to the data requesting entity. 

29. (Currently amended) A computer readable medium program 
l oadab le i nto the proc e ss i ng unit of a pr i ncip al e nt i ty, wh e r ei n th e comput e r program 
compr i s e s oodo adapt e d to having stored thereon a plurality of instructions, the plurality 
of instructions including instructions which, when executed bv a processor, cause the 
processor to perform the steps of a method, comprising: 

process a first encrypted access granting ticket for provision of access to first 
data related to a principal, said first data being available at a first data providing entity, 
the first encrypted access granting ticket being accompanied by an identifier of the first 
data providing entity and to process a further encrypted access granting ticket for 
provision of access to further data related to the principal, said further data being 
available at a further data providing entity, the further encrypted access granting ticket 
being accompanied by a further identifier of the further data providing entity, to generate 
a first request comprising the first encrypted access granting ticket and a further request 
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comprising the further encrypted access granting ticket and to initiate a sending of the 
first request to the first data providing entity and of the further request to the further data 
providing entity, and to process a first indication for access provision to the first data 
from the first data providing entity and a further indication for access provision to the 
further data from the further data providing entity. 

30. (Currently amended) A computer readable medium program 
l oadab le i nto th e proc e ssing un i t of a pr i ncipa l e nt i ty, wh e re i n th e computer program 
compr i s e s cod e adapt e d to having stored thereon a plurality of instructions, the plurality 
of instructions including instructions which, when executed by a processor, cause the 
processor to perform the steps of a method, comprising: 

process a request from a data requesting entity, the request comprising an 
access granting ticket encrypted with an encryption key of the data providing entity, the 
access granting ticket comprising an access specification specifying a permission for an 
access to data related to a principal, said data being available at the data providing 
entity, and a principal identifier representing the principal towards the data providing 
entity, to decrypt the encrypted access granting ticket with a decryption key of the data 
providing entity corresponding to the encryption key and to provide to the data 
requesting entity access to data related to the principal identifier according to the 
access specification. 

31. (Canceled) 
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